Re: ARIN fee structure (was: re: 2749 routes AT RISK - Re: TIMELY/IMPORTANT)

[John Curran]

> On 7 Apr 2022, at 12:31 PM, Owen DeLong via NANOG  wrote:
> 
> Certainly ARIN can do anything to its registry that is within policy. The 
> question is what happens when someone who never signed a contract with ARIN 
> continues to use those resources as internet numbers and announces the routes 
> and other ISPs accept them despite ARIN claiming that they have issued them 
> to a third party? Does ARIN have recourse to prevent these advertisements or 
> the acceptance of them by other providers? Does the third party? Does the 
> registry have any meaning if there is precedence for ignoring its entries in 
> routing?

ARIN maintains the number registry accordingly to the policies developed by the 
community (and address holders have specific rights to their entries in the 
registry) but that does not imply any rights regarding “Internet routing”…  
Network operators have always been free to run their networks (and their 
network routing) as they see fit – the goal of having a unique Internet number 
registry system is simply to make network operation an easier task. 

As to what would happen in your hypothetical squatting scenario, that’s 
entirely up the network operator community – today when it happens it generally 
gets corrected fairly promptly.

Best wishes,
/John

John Curran
President and CEO
American Registry for Internet Numbers

Re: ARIN fee structure (was: re: 2749 routes AT RISK - Re: TIMELY/IMPORTANT)

[John Curran]

On 7 Apr 2022, at 12:17 PM, Owen DeLong via NANOG 
mailto:nanog@nanog.org>> wrote:

So this proactive registering to vote is being imposed on all new LIR 
organizations as well?

New ARIN customers are automatically service members, and can opt (via ARIN 
Online) to become a general member if they wish - see 


Thanks,
/John

John Curran
President and CEO
American Registry for Internet Numbers

Re: ARIN fee structure (was: re: 2749 routes AT RISK - Re: TIMELY/IMPORTANT)

[Owen DeLong via NANOG]

> On Apr 7, 2022, at 08:16 , John Curran  wrote:
> 
> On 7 Apr 2022, at 1:58 AM, Owen DeLong via NANOG  > wrote:
>> …
>> Yes, but if you don’t have a contract with ARIN, ARIN’s ability to revoke 
>> your resources because the community decided it might be fun is 
>> significantly less certain for ARIN at best and highly unlikely at worst.
> 
> Mr. Delong - 
> 
> There’s some good news in this regard – ARIN can’t adopt number resource 
> policy that allows revocation of number resources "because the community 
> decided it might be fun" – as the ARIN Bylaws require that "ARIN will 
> continue to utilize an open, transparent multi-stakeholder process for 
> registry policy development.” and ARIN's adopted Policy Develop Process 
> requires that number resource policy enable "Fair and Impartial Number 
> Resource Administration” with defined criteria that are "simple and 
> obtainable.” 

While I’m amused by your pedantic interpretation of my statement, the reality 
is that resources with ARIN under contract can be revoked due to a change in 
policy that makes its way through that policy development process. Fair and 
impartial is a very subjective criteria and can be highly dependent on the 
perspective of the person determining whether or not something is fair and 
impartial.

While I agree that ARIN has not traditionally abused this ability, there is at 
least one RIR that is trying very hard to do so. As such, I have a greater 
tendency to view such things with more suspicion based on experience gained.

> More good news – anyone can participate in the ARIN Policy Development 
> Process, so someone can, if they wish, easily make sure that the policy 
> applicable their number resources meets the above constraints and is not 
> arbitrary or capricious in any manner.   (The ARIN Board of Trustees is the 
> one that makes sure that the ARIN Bylaws and ensure the ARIN PDP are 
> followed, so that again seems like a great reason to get involved in ARIN 
> governance for those have any concerns on that front.)

I’m sure you well know that I am very aware of the ability to participate in 
the ARIN PDP. I may not be the most active participant in the last 15 years of 
ARIN policy development, but I’d bet I’m certainly in the top 50 and almost 
certainly the to 15 by any measure you care to  use.

> As to the last point, ARIN’s ability to manage all of the number resources in 
> all of the number registry is remarkably clear, and ARIN number resource 
> registry policies apply to all blocks in the ARIN registry (including legacy 
> number resources) – as it is ultimately the ARIN members’ registry database 
> to be administered as they direct.   If a legacy resource holder wants a 
> statement of their rights to the number resources issued to them by ARIN or a 
> predecessor registry, they can enter an RSA that provides them the same 
> rights as every other customer that’s been issued number resources  – 
> (1) The exclusive right to be the registrant of the Included Number Resources 
> within the ARIN database;
> 
> (2) The right to use the Included Number Resources within the ARIN database; 
> and
> 
> (3) The right to transfer the registration of the Included Number Resources 
> pursuant to the Policies.
> 
The day the ARIN community decides to come with pitchforks for some large 
legacy holder without an LRSA will make for a very interesting court battle, to 
be certain. Until that happens and there’s an actual decision from a judge, I 
remain a bit less convinced of this than you appear to be. I do understand that 
is the party line. I suspect it’s mostly true, even. However, I suspect that it 
becomes a lot less true if the community’s definition of “fair and impartial” 
drifts away from that of a judge and/or jury.

You and I both recognize that the odds of the community taking such an action 
are relatively low. That the odds of the board ratifying it are even lower. 
Nonetheless, the possibility does exist within the terms of the contract and 
the recourse to the courts available to someone who signed such a contract are 
quite a bit less than what is available to someone who did not explicitly agree 
to allow this in writing.

> (The rights are obviously “limited rights” because there are other rights 
> that the community has to those same entries; 
> e.g. the ability to specify the fields/format of the number resource entry, 
> ability to publish the public portion of the entry, etc.) 
> 
> I.e., your legacy number resources in the ARIN registry are already governed 
> by ARIN policy, as ARIN’s maintains the number resources in ARIN registry as 
> the community directs regardless of whether you enter an RSA.  If a legacy 
> resource holder doesn't want an RSA then that is a perfectly fine choice, but 
> I’d still suggest they participate in the ARIN policy development process 
> since it is quite applicable to their legacy number resources.

Nope. My legacy resources were 

Re: ARIN fee structure (was: re: 2749 routes AT RISK - Re: TIMELY/IMPORTANT)

[Owen DeLong via NANOG]

> On Apr 7, 2022, at 07:25 , John Curran  wrote:
> 
> 
>> On 7 Apr 2022, at 2:08 AM, Owen DeLong > > wrote:
>> 
>>> Indeed - you only emphasize why it is important for organizations to get 
>>> involved in ARIN’s governance…  It is not intended that your sole 
>>> interaction with ARIN be via contractual mechanisms, but rather that 
>>> network operators actually participate as members of the organization.
>> 
>> Perhaps the only bright spot in the recent change to the fee structure is 
>> that I now have membership open to me without having to pay an extra 
>> $500/year for the privilege.
>> 
>> Prior to this most recent change, end-users were not afforded such 
>> participation.
>  
> Correct.
> 
>> Even with the most recent change, the board still opted to default all end 
>> users to second class citizenry unless they each took specific actions to 
>> opt in to participation in ARIN governance.
> 
> Correct as well - with the understanding that the “specific action” that one 
> needs to take is simply asking to be a General Member; i.e. confirming your 
> organization’s intent to vote in ARIN elections and acknowledging that your 
> organization will be publicly listed on the General Member list.   
>  > 
> 
> Having a record of such acknowledgement is desirable for record keeping 
> purposes, and yes, in theory we could have forced the entire 7000+ existing 
> ARIN general members on day one of the membership structure change to 
> undertake the exact same consent process in order to retain their General 
> Member status and be able to vote – but that would have been significant 
> member disenfranchisement for something that ARIN can just as easily obtain 
> for pre-existing general members on a rolling basis going forward.  
> 
> My apologies if the handling of this leaves with the impression of being “a 
> second class” citizen, as that was not intent at all (rather we are just 
> handling a very significant change in our membership structure in the most 
> pragmatic manner possible.) 

So this proactive registering to vote is being imposed on all new LIR 
organizations as well?

Owen

Re: ARIN fee structure (was: re: 2749 routes AT RISK - Re: TIMELY/IMPORTANT)

[John Curran]

On 7 Apr 2022, at 1:58 AM, Owen DeLong via NANOG 
mailto:nanog@nanog.org>> wrote:
…
Yes, but if you don’t have a contract with ARIN, ARIN’s ability to revoke your 
resources because the community decided it might be fun is significantly less 
certain for ARIN at best and highly unlikely at worst.

Mr. Delong -

There’s some good news in this regard – ARIN can’t adopt number resource policy 
that allows revocation of number resources "because the community decided it 
might be fun" – as the ARIN Bylaws require that "ARIN will continue to utilize 
an open, transparent multi-stakeholder process for registry policy 
development.” and ARIN's adopted Policy Develop Process requires that number 
resource policy enable "Fair and Impartial Number Resource Administration” with 
defined criteria that are "simple and obtainable.”

More good news – anyone can participate in the ARIN Policy Development Process, 
so someone can, if they wish, easily make sure that the policy applicable their 
number resources meets the above constraints and is not arbitrary or capricious 
in any manner.   (The ARIN Board of Trustees is the one that makes sure that 
the ARIN Bylaws and ensure the ARIN PDP are followed, so that again seems like 
a great reason to get involved in ARIN governance for those have any concerns 
on that front.)

As to the last point, ARIN’s ability to manage all of the number resources in 
all of the number registry is remarkably clear, and ARIN number resource 
registry policies apply to all blocks in the ARIN registry (including legacy 
number resources) – as it is ultimately the ARIN members’ registry database to 
be administered as they direct.   If a legacy resource holder wants a statement 
of their rights to the number resources issued to them by ARIN or a predecessor 
registry, they can enter an RSA that provides them the same rights as every 
other customer that’s been issued number resources  –

(1) The exclusive right to be the registrant of the Included Number Resources 
within the ARIN database;

(2) The right to use the Included Number Resources within the ARIN database; and

(3) The right to transfer the registration of the Included Number Resources 
pursuant to the Policies.

(The rights are obviously “limited rights” because there are other rights that 
the community has to those same entries;
e.g. the ability to specify the fields/format of the number resource entry, 
ability to publish the public portion of the entry, etc.)

I.e., your legacy number resources in the ARIN registry are already governed by 
ARIN policy, as ARIN’s maintains the number resources in ARIN registry as the 
community directs regardless of whether you enter an RSA.  If a legacy resource 
holder doesn't want an RSA then that is a perfectly fine choice, but I’d still 
suggest they participate in the ARIN policy development process since it is 
quite applicable to their legacy number resources.

Thanks!
/John

John Curran
President and CEO
American Registry for Internet Numbers

Re: ARIN fee structure (was: re: 2749 routes AT RISK - Re: TIMELY/IMPORTANT)

[John Curran]

On 7 Apr 2022, at 2:08 AM, Owen DeLong 
mailto:o...@delong.com>> wrote:

Indeed - you only emphasize why it is important for organizations to get 
involved in ARIN’s governance…  It is not intended that your sole interaction 
with ARIN be via contractual mechanisms, but rather that network operators 
actually participate as members of the organization.

Perhaps the only bright spot in the recent change to the fee structure is that 
I now have membership open to me without having to pay an extra $500/year for 
the privilege.

Prior to this most recent change, end-users were not afforded such 
participation.

Correct.

Even with the most recent change, the board still opted to default all end 
users to second class citizenry unless they each took specific actions to opt 
in to participation in ARIN governance.

Correct as well - with the understanding that the “specific action” that one 
needs to take is simply asking to be a General Member; i.e. confirming your 
organization’s intent to vote in ARIN elections and acknowledging that your 
organization will be publicly listed on the General Member list.   


Having a record of such acknowledgement is desirable for record keeping 
purposes, and yes, in theory we could have forced the entire 7000+ existing 
ARIN general members on day one of the membership structure change to undertake 
the exact same consent process in order to retain their General Member status 
and be able to vote – but that would have been significant member 
disenfranchisement for something that ARIN can just as easily obtain for 
pre-existing general members on a rolling basis going forward.

My apologies if the handling of this leaves with the impression of being “a 
second class” citizen, as that was not intent at all (rather we are just 
handling a very significant change in our membership structure in the most 
pragmatic manner possible.)

Best wishes,
/John

John Curran
President and CEO
American Registry for Internet Numbers

Re: ARIN fee structure (was: re: 2749 routes AT RISK - Re: TIMELY/IMPORTANT)

[Owen DeLong via NANOG]

> 
> Indeed - you only emphasize why it is important for organizations to get 
> involved in ARIN’s governance…  It is not intended that your sole interaction 
> with ARIN be via contractual mechanisms, but rather that network operators 
> actually participate as members of the organization.

Perhaps the only bright spot in the recent change to the fee structure is that 
I now have membership open to me without having to pay an extra $500/year for 
the privilege.

Prior to this most recent change, end-users were not afforded such 
participation.

Even with the most recent change, the board still opted to default all end 
users to second class citizenry unless they each took specific actions to opt 
in to participation in ARIN governance.


Owen

Re: ARIN fee structure (was: re: 2749 routes AT RISK - Re: TIMELY/IMPORTANT)

[Owen DeLong via NANOG]

> On Apr 6, 2022, at 04:48 , John Curran  wrote:
> 
> On 5 Apr 2022, at 11:57 PM, William Herrin  > wrote:
>> 
>> On 5 Apr 2022, at 8:38 PM, Dan Mahoney (Gushi) > > wrote:
>>> But say they sign an LRSA: Those $0 fees would go up to 150, this year, 175 
>>> next year, 200 the following...250 in year five... to be able to simply add 
>>> DNSSEC, RPKI, and Validated IRR.
>> 
>> Hi Dan,
>> 
>> Speaking for myself, I'd be happy to pay the normal block size fee
>> just to get DNSSEC, RPKI and a validated IRR. I pay $80/month just for
>> my residential Internet service and another $80 or so for my off-site
>> virtual machines. A couple hundred bucks a _year_ for the niceties
>> which come with ARIN registration is no imposition at all.
> 
> Bill - 
> 
> Good to hear - one hopes that the value is sufficient (but we should still 
> look for opportunities for further improvements on both services and fees.) 
> 
>> My objection lies in having ARIN's RSA adhere to my address block
>> overall. I may feel differently about ARIN next year than I do this
>> year but once I've signed that RSA, well, that's just too bad. I now
>> have obligations to ARIN, some of them on shifting sand, and if I
>> don't fulfill them the addresses are gone.
> 
> 
> That’s an Interesting perspective - thank you for sending.   It is true that 
> both you and ARIN have obligations once you sign an RSA, but that’s true of 
> any standardized agreement that you enter – standard agreements are found 
> everywhere in life and are enforceable if applied uniformly with reasonable 
> terms. 

Most standard agreements don’t include “And if you terminate the agreement, we 
take away your toys.”

> The part of your statement I don’t understand is that some of your 
> obligations to ARIN are "on shifting sand"… If anything, you’ve got more 
> protections in place regarding your ARIN RSA agreement than likely in most 
> other standard agreement contexts (although it is true that we at ARIN don’t 
> exactly emphasize these aspects as often as we might…) 

For example, the ARIN community can at any time change policy or the board can 
enact changes in the fee structure and there is no ability to opt out of these 
changes and preserve the original terms of the agreement.

> Unlike many other standard agreements that you might find yourself in:
> 
> ARIN is an actual membership organization and governed accordingly.  Every 
> customer with IPv4 or IPv6 resources under agreement is an ARIN member and 
> has the option to participate in the ARIN election for Trustees and ARIN AC 
> members.  >(I 
> know of many not-for-profits that have “members” but not actual membership 
> organizations, and the difference is substantial regarding one’s legal rights 
> and enforceability of same.) 
> While ARIN previously did have the ability to revise your registration 
> services agreement (RSA) at will, we’ve achieved sufficient stability that it 
> was possible to end that flexibility – now ARIN may only modify the terms of 
> the RSA agreement if necessary due to a specific change in relevant statute 
> or caselaw, or upon recommendation of the Board _and_ ratification vote by 
> the ARIN members. 

Yes, but changing the effective terms of the agreement doesn’t require 
modifying the agreement any more, either. (See above)

> If ARIN fails to live up to its obligations under the agreement and our 
> performance is found to have provided valid cause for termination, the 
> agreement ends – and you keep your legacy number resources with them 
> returning to their status before agreement. 

Yes, but if you don’t have a contract with ARIN, ARIN’s ability to revoke your 
resources because the community decided it might be fun is significantly less 
certain for ARIN at best and highly unlikely at worst.

> It is true that our number resource policies are subject to change by the 
> community through the open policy development process, and therefore your 
> obligations under them might be the “shifting sand” to which you refer.  If 
> that’s the case then I understand the reference, but as you’re aware that’s 
> an inevitable consequence of having community-driven number resource policy – 
> ARIN’s number resource policy instantiates community consensus regarding such 
> obligations, which is not much different than obligations/expectation that 
> networks face in other aspects of Internet operation, aside from actually 
> being clearly written down in one place when it comes to the registry 
> obligations. 

I think it’s more about the consequences if one no longer wishes to abide the 
agreement. The fact that one cannot terminate the agreement voluntarily and 
return to the previous status is, I believe, the sticking point.

Owen

Re: ARIN fee structure (was: re: 2749 routes AT RISK - Re: TIMELY/IMPORTANT)

[John Curran]

On 6 Apr 2022, at 1:32 PM, William Herrin  wrote:
> 
> On Wed, Apr 6, 2022 at 4:48 AM John Curran  wrote:
>> On 5 Apr 2022, at 11:57 PM, William Herrin  wrote:
>>> My objection lies in having ARIN's RSA adhere to my address block
>>> overall. I may feel differently about ARIN next year than I do this
>>> year but once I've signed that RSA, well, that's just too bad. I now
>>> have obligations to ARIN, some of them on shifting sand, and if I
>>> don't fulfill them the addresses are gone.
>> 
>> That’s an Interesting perspective - thank you for sending.   It is true that 
>> both you and ARIN have obligations once you sign an RSA, but that’s true of 
>> any standardized agreement that you enter – standard agreements are found 
>> everywhere in life and are enforceable if applied uniformly with reasonable 
>> terms.
> 
> Hi John,
> 
> Why should I need an agreement with ARIN on the disposition of
> addresses which are already mine? 

Bill - 

You don’t need an agreement in such a case (since ARIN’s already maintaining 
your address blocks in the registry without any fee or contract.) 

> Offer me an agreement confined to
> the things I don't have, like RPKI, and you'll empower me to do my
> part in making BGP a safer place without demanding I take on new risk.

Interesting philosophy - historically ARIN customers have asked for simplicity 
in the relationship; i.e. a single fee that encompasses all of the services - 
in this way, an organization can utilize something without having to “get new 
approval” and there’s no financial or service disincentive for deployment of 
IPv6, IRR, RPKI, etc.

Feel free to propose an alternative structure if you think it makes sense - the 
suggestion process would be a good step (but feel free to run for the ARIN 
Board of Trustees if you want to really advocate for a different approach.)

>> The part of your statement I don’t understand is that some of your 
>> obligations to ARIN are "on shifting sand"… If anything, you’ve got more 
>> protections in place regarding your ARIN RSA agreement than likely in most 
>> other standard agreement contexts (although it is true that we at ARIN don’t 
>> exactly emphasize these aspects as often as we might…)
> 
> Compliance with ARIN public policy is incorporated by reference. ARIN
> policy shifts. ARIN business practices such as the fee structure are
> incorporated by reference. The business practices shift. Indeed, the
> fee structure was rearranged last year in a way that undermined one of
> the central tenets of the LRSA. To the consternation of some of the
> folks who had signed the LRSA.
> 
> The RSA requires the registrant to comply not just with the conditions
> at the time of signing but also with the ones which develop later. And
> tough luck if the registrant doesn't like them.
> 
> I'm on the same shifting sands with nearly every company I do business
> with. But in each of their cases, it's a trivial matter to switch to a
> competitor if I don't like next year's deal. I have no such risk
> mitigation in my interactions with ARIN. Perhaps if I was a
> multinational company doing business in multiple regions but alas I am
> not.

Indeed - you only emphasize why it is important for organizations to get 
involved in ARIN’s governance…  It is not intended that your sole interaction 
with ARIN be via contractual mechanisms, but rather that network operators 
actually participate as members of the organization.

Thanks, 
/John

John Curran
President and CEO
American Registry for Internet Numbers

Re: ARIN fee structure (was: re: 2749 routes AT RISK - Re: TIMELY/IMPORTANT)

[William Herrin]

On Wed, Apr 6, 2022 at 4:48 AM John Curran  wrote:
> On 5 Apr 2022, at 11:57 PM, William Herrin  wrote:
>> My objection lies in having ARIN's RSA adhere to my address block
>> overall. I may feel differently about ARIN next year than I do this
>> year but once I've signed that RSA, well, that's just too bad. I now
>> have obligations to ARIN, some of them on shifting sand, and if I
>> don't fulfill them the addresses are gone.
>
> That’s an Interesting perspective - thank you for sending.   It is true that 
> both you and ARIN have obligations once you sign an RSA, but that’s true of 
> any standardized agreement that you enter – standard agreements are found 
> everywhere in life and are enforceable if applied uniformly with reasonable 
> terms.

Hi John,

Why should I need an agreement with ARIN on the disposition of
addresses which are already mine? Offer me an agreement confined to
the things I don't have, like RPKI, and you'll empower me to do my
part in making BGP a safer place without demanding I take on new risk.


> The part of your statement I don’t understand is that some of your 
> obligations to ARIN are "on shifting sand"… If anything, you’ve got more 
> protections in place regarding your ARIN RSA agreement than likely in most 
> other standard agreement contexts (although it is true that we at ARIN don’t 
> exactly emphasize these aspects as often as we might…)

Compliance with ARIN public policy is incorporated by reference. ARIN
policy shifts. ARIN business practices such as the fee structure are
incorporated by reference. The business practices shift. Indeed, the
fee structure was rearranged last year in a way that undermined one of
the central tenets of the LRSA. To the consternation of some of the
folks who had signed the LRSA.

The RSA requires the registrant to comply not just with the conditions
at the time of signing but also with the ones which develop later. And
tough luck if the registrant doesn't like them.

I'm on the same shifting sands with nearly every company I do business
with. But in each of their cases, it's a trivial matter to switch to a
competitor if I don't like next year's deal. I have no such risk
mitigation in my interactions with ARIN. Perhaps if I was a
multinational company doing business in multiple regions but alas I am
not.

Regards,
Bill Herrin

-- 
William Herrin
b...@herrin.us
https://bill.herrin.us/

Re: ARIN fee structure (was: re: 2749 routes AT RISK - Re: TIMELY/IMPORTANT)

[John Curran]

On 5 Apr 2022, at 11:57 PM, William Herrin 
mailto:b...@herrin.us>> wrote:

On 5 Apr 2022, at 8:38 PM, Dan Mahoney (Gushi) 
mailto:d...@prime.gushi.org>> wrote:
But say they sign an LRSA: Those $0 fees would go up to 150, this year, 175 
next year, 200 the following...250 in year five... to be able to simply add 
DNSSEC, RPKI, and Validated IRR.

Hi Dan,

Speaking for myself, I'd be happy to pay the normal block size fee
just to get DNSSEC, RPKI and a validated IRR. I pay $80/month just for
my residential Internet service and another $80 or so for my off-site
virtual machines. A couple hundred bucks a _year_ for the niceties
which come with ARIN registration is no imposition at all.

Bill -

Good to hear - one hopes that the value is sufficient (but we should still look 
for opportunities for further improvements on both services and fees.)

My objection lies in having ARIN's RSA adhere to my address block
overall. I may feel differently about ARIN next year than I do this
year but once I've signed that RSA, well, that's just too bad. I now
have obligations to ARIN, some of them on shifting sand, and if I
don't fulfill them the addresses are gone.

That’s an Interesting perspective - thank you for sending.   It is true that 
both you and ARIN have obligations once you sign an RSA, but that’s true of any 
standardized agreement that you enter – standard agreements are found 
everywhere in life and are enforceable if applied uniformly with reasonable 
terms.

The part of your statement I don’t understand is that some of your obligations 
to ARIN are "on shifting sand"… If anything, you’ve got more protections in 
place regarding your ARIN RSA agreement than likely in most other standard 
agreement contexts (although it is true that we at ARIN don’t exactly emphasize 
these aspects as often as we might…)

Unlike many other standard agreements that you might find yourself in:


  1.  ARIN is an actual membership organization and governed accordingly.  
Every customer with IPv4 or IPv6 resources under agreement is an ARIN member 
and has the option to participate in the ARIN election for Trustees and ARIN AC 
members. 
(I know of many not-for-profits that have “members” but not actual membership 
organizations, and the difference is substantial regarding one’s legal rights 
and enforceability of same.)
  2.  While ARIN previously did have the ability to revise your registration 
services agreement (RSA) at will, we’ve achieved sufficient stability that it 
was possible to end that flexibility – now ARIN may only modify the terms of 
the RSA agreement if necessary due to a specific change in relevant statute or 
caselaw, or upon recommendation of the Board _and_ ratification vote by the 
ARIN members.
  3.  If ARIN fails to live up to its obligations under the agreement and our 
performance is found to have provided valid cause for termination, the 
agreement ends – and you keep your legacy number resources with them returning 
to their status before agreement.

It is true that our number resource policies are subject to change by the 
community through the open policy development process, and therefore your 
obligations under them might be the “shifting sand” to which you refer.  If 
that’s the case then I understand the reference, but as you’re aware that’s an 
inevitable consequence of having community-driven number resource policy – 
ARIN’s number resource policy instantiates community consensus regarding such 
obligations, which is not much different than obligations/expectation that 
networks face in other aspects of Internet operation, aside from actually being 
clearly written down in one place when it comes to the registry obligations.

Thanks!
/John

John Curran
President and CEO
American Registry for Internet Numbers

Re: ARIN fee structure (was: re: 2749 routes AT RISK - Re: TIMELY/IMPORTANT)

[William Herrin]

On 5 Apr 2022, at 8:38 PM, Dan Mahoney (Gushi)  wrote:
> But say they sign an LRSA: Those $0 fees would go up to 150, this year, 175 
> next year, 200 the following...250 in year five... to be able to simply add 
> DNSSEC, RPKI, and Validated IRR.

Hi Dan,

Speaking for myself, I'd be happy to pay the normal block size fee
just to get DNSSEC, RPKI and a validated IRR. I pay $80/month just for
my residential Internet service and another $80 or so for my off-site
virtual machines. A couple hundred bucks a _year_ for the niceties
which come with ARIN registration is no imposition at all.

My objection lies in having ARIN's RSA adhere to my address block
overall. I may feel differently about ARIN next year than I do this
year but once I've signed that RSA, well, that's just too bad. I now
have obligations to ARIN, some of them on shifting sand, and if I
don't fulfill them the addresses are gone.

Regards,
Bill Herrin


-- 
William Herrin
b...@herrin.us
https://bill.herrin.us/